One Identity Active Roles Reviews

Name: One Identity Active Roles
Brand: One Identity
Rating: 4.3 (25 reviews)

Vendor: One Identity

4.3 out of 5

25 reviews
100% willing to recommend

970 followers

Start review

What is One Identity Active Roles?

One Identity Active Roles is a highly regarded solution for Active Directory (AD) security and account management. One Identity Active Roles will enhance group, account, and directory management while eradicating the need for manual processes. The end result is a significant increase in the overall speed, efficiency, and security of the organization.

Get the One Identity Active Roles Buyer's Guide and find out what your peers are saying about One Identity Active Roles, ManageEngine ADManager Plus, Netwrix Auditor and more!

One Identity Active Roles is the #2 ranked solution in top Active Directory Management solutions, #5 ranked solution in top User Provisioning Software, and #5 ranked solution in top Non-Human Identity Management (NHIM) solutions. PeerSpot users give One Identity Active Roles an average rating of 8.6 out of 10. One Identity Active Roles is most commonly compared to ManageEngine ADManager Plus: One Identity Active Roles vs ManageEngine ADManager Plus. One Identity Active Roles is popular among the large enterprise segment, accounting for 66% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 17% of all views.

Buyer's Guide

One Identity Active Roles

April 2025

Get the report

Helped 849,686 peers since 2012

Featured One Identity Active Roles reviews

Grzegorz Kosela

solution architect/ engineer at APEX.IT Sp. z o.o.

Currently, task automation, like provisioning, deprovisioning, and reprovisioning, is very effective. When a user moves from one organization to another, it automatically changes their group membership and performs similar functions. Secondly, the granular delegation feature is very nice and much simpler and easier than it is natively in Microsoft. Two years ago, One Identity Active Roles was under Dell. It was quite poor. However, now, there have been notable improvements, such as faster system processing, better logging, enhanced information, and a more user-friendly interface. Once it was sold by Dell, things got better. The interface became a bit more user-friendly. The Angular user interface is much more flexible for adjusting to customer needs, and a completely new and customizable one can be created, aligning with all settings and scripts required by a customer. The ease of managing on-prem and cloud-based directories through a single pane of glass is good. I'd rate it nine out of ten. The solution's ability to provision and deprovision resources and directories like Azure AD is very simple, especially when you can integrate with the HR system and grab some data from HR. It's actually fully automatic. I don't need to even touch it. It's helped increase operational efficiency by 50%. It's helped decrease security problems around privileged accounts. We were able to decrease the number of privileged accounts and have been able to delegate more effectively. We decreased the number of high-level permissions that administrators had. For example, if someone is a DNS administrator, he has access only as far as the specific actions he needs to handle. We don't need to give away such high privileges for such a daily job. It's helped clarify roles and access. It's helped reduce identity-based breaches. If someone leaves a company, we can easily undo provisioning and close accounts. We can generate reports to see which people have which permissions and at what times. We've just integrated with our HR system. It helps us follow activated and deactivated users. I'd rate the granular controls on offer ten out of ten. We've saved on manpower in terms of the work of the administrators. There's good reporting and functionality, and it's very transparent. You can connect more than one directory and manage everything from one pane. You can do many things from one interface.

Read full review

Neera Jain

Team Lead, Technical & Enterprise Directory Services Vita Program at AIS Network

The granular control has been very helpful for us. We want to be able to control what level users have access to. It is possible to control access levels at the organizational unit or even the attribute level, making it helpful for us. Active Roles helped increase operational efficiency in our organization. We have delegated user provisioning to the help desk so they can create users or manage accounts. We have delegated group management to identified group owners who can manage their groups. Some of them just need read-only access to AD; they do not need to download the native tools. They can just do it via a browser. Active Roles has helped our organization reduce the number of erroneous privileged accounts. We have set the templates, and we have set the standards. It helps standardize all the naming conventions and how they are provisioned with the rules. That is definitely very helpful. We use the change history to see who might have modified what object. We have that tracking, but we use a tool from Quest called Change Auditor that can do the auditing to figure out who did what type of thing for auditing.

Read full review

reviewer2686314

IAM Specialist

The feature I appreciate most about the solution is the ability to lock down Active Directory Roles granularly. For instance, our support personnel can only change passwords for users; the only thing they can change in the user object is the password. They cannot alter anything else. This allows us to manage multiple One Identity Active Roles from a single pane of glass. We're very satisfied with the granularity. We have eased the burden on the support desk and reduced the risk of them doing something they shouldn't. We have limited the use of domain administrators and gained a better view of what is happening in One Identity Active Roles. It is easier to find rogue and malicious users, and end users can now request access through the web interface instead of creating a ticket. We've lowered the amount of privileged accounts. We can have support staff that have privileged access however, we've limited privileges so that they can only do what they are meant to do in the directory. Active Roles helped reduce our identity-based breaches. I don't have a number of how many. It's maybe between 10% and 20%. Now, we know what users we actually have in our IT directory. It has helped us to find the dormant users that we don't need anymore. It's improved our security posture. It has limited access to our crown jewels, where all our identities lie within Active Directory. It's not a stand-alone product. It doesn't fix everything. However, it does help to the overall security posture. Before, we had domain admins logging directly into our directory user's computers, and doing stuff. They don't do that anymore. We've limited priveledges. The directory is more secure today and we have better visibility.

Read full review

One Identity Active Roles mindshare

Product category:

As of May 2025, the mindshare of One Identity Active Roles in the Active Directory Management category stands at 6.8%, down from 7.8% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Active Directory Management

PeerResearch reports based on One Identity Active Roles reviews

Type	Title	Date
Category	Active Directory Management	May 1, 2025	Download
Product	Reviews, tips, and advice from real users	May 1, 2025	Download
Comparison	One Identity Active Roles vs ManageEngine ADManager Plus	May 1, 2025	Download
Comparison	One Identity Active Roles vs Netwrix Auditor	May 1, 2025	Download
Comparison	One Identity Active Roles vs ManageEngine ADAudit Plus	May 1, 2025	Download

Title	Rating	Mindshare	Recommending
ManageEngine ADManager Plus	4.1	14.9%	94%	15 interviews Add to research
Netwrix Auditor	4.6	13.5%	100%	7 interviews Add to research

Valuable Features

One Identity Active Roles offers attribute-level control, delegation, dynamic groups, and temporal group membership. Users find invaluable its provisioning, deprovisioning, workflows, zero-trust security, and role-based access control. Integration with systems like Azure AD, Trillium, and SAP enhances automation and accuracy. Granular permissions, virtual attributes, and a single-pane management streamline operations. The web interface and access templates simplify Active Directory management and improve security by reducing identity-based breaches and unnecessary privileges.

"We have eased the burden on the support desk and reduced the risk of them doing something they shouldn't."
"The ease of managing on-prem and cloud-based directories through a single pane of glass is good."
"The ease of managing on-prem and cloud-based directories through a single pane of glass is good."

Room for Improvement

One Identity Active Roles could enhance the web interface's customization and modernization, support multiple scripting languages beyond VBScript, and improve workflows with built-in templates. Attestation features should be reintroduced, while documentation, especially for newer authentication methods, requires better clarity. Users seek improved Azure AD management, dynamic group processing, language support, and more efficient user interfaces for scalable displays. Increased cloud integration, particularly with Entra ID, and better performance are also desired.

"The user interface needs to be more modern and scalable. There are certain screen resolutions where the product is unusable."
"The possibility to request group membership, similar to the past, was disabled and moved to Identity Manager."
"Additional documentation about the Angular web interface is needed."

ROI

Users experience significant time savings with One Identity Active Roles, automating manual tasks in minutes and enhancing productivity. Risk management is a key benefit, helping to secure unauthorized access and maintain data consistency. Active Roles improves efficiency, reducing incidents and support tickets by about 150 in some cases, while providing better user satisfaction and feedback. It quickly integrates into processes, offers excellent reporting and auditing, saving around 20% of resources and achieving a 30% return.

Pricing

One Identity Active Roles employs a straightforward user-based licensing model, appreciated for its simplicity. While users find the product's pricing on the higher end, many acknowledge that the return on investment and functional advantages justify the cost. Customers report spending significant amounts annually, including consultancy fees. Enabled User Accounts in Active Directory dictate licensing, with flexibility for additional licenses without disrupting operations. The setup cost is noted as expensive, yet efficient post-deployment.

"The pricing is high. I have not been involved with the renewal or cost aspect, but I know it is not cheap by any means. However, it is very useful for our environment."
"The pricing for Active Roles is expensive but not as expensive as other solutions like Okta."
"It's expensive."

Popular Use Cases

Organizations primarily use One Identity Active Roles for Active Directory management, including provisioning and deprovisioning user accounts, delegation of administrative permissions, and automating workflows. This tool is essential for synchronizing with HR systems, enhancing security by limiting native rights, and creating dynamic groups for access and authentication. Businesses utilize its capabilities for managing permissions across multiple domains, streamlining IT operations, and managing identity across on-premises and cloud environments like Azure.

Service and Support

Customers find One Identity support responsive and knowledgeable, with access to developers for deeper issues. Many rate it highly, appreciating quick, effective assistance via a community portal. Some users note delays and limited help for complex tasks, necessitating Professional Services. While Premier Support is valued for customization and issue resolution, standard support isn't always prompt and can occasionally lack adequate answers. Ratings range between six to ten, reflecting mixed customer experiences.

Deployment

Initial setup of One Identity Active Roles is generally straightforward, though complexity varies. Many found it intuitive and quick, sometimes taking just a few hours or a day. Some users with more complexity or lack of previous experience found it challenging, requiring more time and effort. Deployment can involve multiple teams, with certain phases proving more complex, such as configuration or integration. Maintenance is typically minimal, with updates handled easily.

Scalability

Users report One Identity Active Roles as highly scalable, accommodating complex environments and large user bases effectively. They note its ability to manage extensive Active Directories and its adaptability for continuous usage and automation needs. Some mention its capacity struggles in massive deployments. Operational in varied company sizes, it's extensively utilized in managing identity processes and supporting diverse roles. Users praise its scalability, adaptability, and extensive feature set for enterprise-level management.

Stability

Users report One Identity Active Roles as a stable tool. Many experience no issues and rate its stability between seven and ten, emphasizing reliable performance across multiple versions. Occasional challenges, such as performance hiccups, may require service restarts. Other experiences note minor issues with the web interface or software bugs, yet they maintain satisfaction due to the system's consistent reconnection capabilities after disruptions. Maintenance is considered minimal, contributing to its robust image.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our One Identity Active Roles Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

12%

Healthcare Company

Manufacturing Company

Government

University

Insurance Company

Comms Service Provider

Retailer

Real Estate/Law Firm

Educational Organization

Construction Company

Hospitality Company

Media Company

Wholesaler/Distributor

Logistics Company

Transportation Company

Photography Company

Consumer Goods Company

Energy/Utilities Company

Legal Firm

Aerospace/Defense Firm

Engineering Company

Recreational Facilities/Services Company

Non Profit

Leisure / Travel Company

Performing Arts

Pharma/Biotech Company

Compare One Identity Active Roles with alternative products

Learn more about One Identity Active Roles

Using One Identity Active Roles, users can:

Easily increase and strengthen native attributes of Active Directory (AD) and Azure AD.
Quickly unify and automate group and account management while protecting and securing critical administrative access.
Free up valuable resources to concentrate on other IT tasks, fully confident that your user permissions, critical data, and privileged access are safe and secure.

Managing accounts in AD and Azure AD can be tremendously challenging; continually keeping these important systems safe and secure presents an even greater challenge. Traditional tools can be inefficient, error-prone, and very disjointed. In today’s robust marketplace, organizations are finding it somewhat difficult to keep pace with the constant access changes in a hybrid AD ecosystem. Additionally, there are significant security issues to consider (government compliance, employee status/access changes, and other confidential business requirements). And, of course, there is a requirement to properly manage Active Directory and Azure Active Directory access in addition to managing all the other numerous SaaS and non-Windows applications that organizations use today.

Users can easily automate all of these tedious, mundane administrative tasks, keeping their systems safe and error-free. Active Roles ensures users can perform their job responsibilities more effectively, more efficiently, and with minimal manual intervention. Active Roles was created with a flexible design, so organizations can easily scale to meet your organizational needs, today, tomorrow, and in the foreseeable future.

Reviews from Real Users

A PeerSpot user who is a Network Analyst at a government tells us, “It has eliminated admin tasks that were bogging down our IT department. Before we started using Active Roles, if one of our frontline staff members deleted a user or group, it could take several hours to try to reverse that mistake. Whereas now, the most our frontline staff can do is a deprovision, which just disables everything in the background, but it's still there. We can go in and have it back the way it was two minutes later. Instead of it taking two hours, it only takes two minutes.”

Becky P., Sr Business Analyst at George Washington University, shares, “In addition, with the use of workflows and the scheduled tasks, we were able to automate and centrally manage a number of the processes as well as utilize them to work around other product limitations. Those include, but are not limited to syncing larger groups, which have 50,000 plus members, to Azure AD. We sync up to Azure AD using ARS. If we had not already had ARS in place, it would have been impossible for us to have done so in the time period we did it in. We did it in under six months. ARS probably saves us at least two weeks out of every month. It's reduced our workload by 50 percent, easily.”

One Identity Active Roles was previously known as Quest Active Roles.

One Identity Active Roles customers

City of Frankfurt, Moore Public Schools, George Washington University, Transavia Airlines, Howard County, MD. See all stories at OneIdentity.com/casestudies